Table Of ContentJSP Examples and Best Practices
by Andrew Patzer
ISBN: 1590590201
This useful resource covers JSP, Servlets, JUnit, JMeter, Ant, CVS, Customer Tags, and
JavaBeans, and provides plenty of source code.
1
Table of Contents
JSP Examples and Best Practices
Introduction
Chapter 1
JSP Foundations
Chapter 2
Using JSP
Chapter 3
Role Separation with Javabeans
Chapter 4
Role Separation with Custom Tags
Chapter 5
Development Using Patterns
Chapter 6
The Decorating Filter Pattern
Chapter 7
The Front Controller Pattern
Chapter 8
The View Helper Pattern
-
Chapter 9
Testing Techniques
-
Chapter 10
Deployment Techniques
-
Chapter 11
Application Frameworks
Chapter 12
Putting it all Together
Index
List of Figures
List of Tables
List of Listings
2
JSP Examples and Best Practices
ANDREW PATZER
Copyright ?2002 by Andrew Patzer
All rights reserved. No part of this work may be reproduced or transmitted in any form or by any means, electronic or
mechanical, including photocopying, recording, or by any information storage or retrieval system, without the prior written
permission of the copyright owner and the publisher.
ISBN (pbk): 1-59059-020-1
Printed and bound in the United States of America 12345678910
Trademarked names may appear in this book. Rather than use a trademark symbol with every occurrence of a trademarked
name, we use the names only in an editorial fashion and to the benefit of the trademark owner, with no intention of
infringement of the trademark.
Technical Reviewer: David Czarnecki
Editorial Directors: Dan Appleman, Peter Blackburn, Gary Cornell, Jason Gilmore, Karen Watterson, John Zukowski
Managing Editor: Grace Wong
Project Manager: Alexa Stuart
Copy Editor: Kim Wimpsett
Production Editor: Kari Brooks
Compositor: Impressions Book and Journal Services, Inc.
Indexer: Carol Burbo
Cover Designer: Tom Debolski
Marketing Manager: Stephanie Rodriguez
Distributed to the book trade in the United States by Springer-Verlag New York, Inc., 175 Fifth Avenue, New York, NY, 10010
and outside the United States by Springer-Verlag GmbH & Co. KG, Tiergartenstr. 17, 69112 Heidelberg, Germany.
In the United States, phone 1-800-SPRINGER, email <orders@springer-ny.com>, or visit http://www.springer-
ny.com.
Outside the United States, fax +49 6221 345229, email <orders@springer.de>, or visit http://www.springer.de.
For information on translations, please contact Apress directly at 2560 9th Street, Suite 219, Berkeley, CA 94710.
Phone 510-549-5930, fax: 510-549-5939, email <info@apress.com>, or visit http://www.apress.com.
The information in this book is distributed on an "as is" basis, without warranty. Although every precaution has been taken in
the preparation of this work, neither the author nor Apress shall have any liability to any person or entity with respect to any
loss or damage caused or alleged to be caused directly or indirectly by the information contained in this work.
The source code for this book is available to readers at http://www.apress.com in the Downloads section.
About the Author
Andrew Patzer is a web architect for the Centare Group, a consulting firm located in the Midwest. His first book, Professional
Java Server Programming (Wrox Press, 1999), is a best seller and one of the first books to cover J2EE technologies. Andrew
recently served as a lead systems architect for a leading application service provider in the insurance industry, and he was
3
directly involved in designing and building a J2EE development framework upon which the company's key product was built.
Andrew has delivered several presentations over the years to local user groups as well as national conferences.
I'd like to dedicate this book to my wife, Beth, and our daughters, Ashley and Emily. Once again, they've been very supportive
of me as I took on another book. I know it's been difficult at times to put up with me not being around because I had more
writing to do. Thank you for your love and continued support.
I'd like to give special thanks to both my mother and my mother-in-law. They've both had to deal with cancer this past year and
continue to fight. I've learned a great deal personally from both of them about courage and strength. I pray they continue to
enjoy life to its fullest each and every day.
Acknowledgments
I BELIEVE STRONGLY that a person can only go so far unless they surround themselves with good people. Over the years,
I've had the pleasure of working with some outstanding people. I'd like to specifically mention a few that I worked with at
Workscape (now Riverwood Solutions). Mike Schenk, Mike Connor, and Craig Wohlfeil are each extremely talented architects
who not only taught me a great deal, but also pushed me to achieve more than I could have on my own.
Dave Glyzewski, owner of the Centare Group, has always been a friend and has done his best to support me over the years as
my career has taken me many different places. I'd like to thank Dave for being in my corner and always believing in me.
Thanks, Smithers!
John Carnell, my perpetual coworker, has been there to keep my competitive juices flowing. We always seem to push each
other to new heights (although I can't seem to push you past that five-foot mark—sorry, I couldn't help myself). Seriously, thank
you for being a friend, as well as competitor, throughout my career.
I'd also like to thank my friend Scott Borth. Scott is the only person I've found who will laugh at my jokes and find humor in the
same things I do. When your job has you sitting in front of a computer screen all day, it helps to talk to someone who not only
allows you to be yourself, but actually encourages it.
About the Technical Reviewer
David Czarnecki is a computer scientist in the Advanced Computing Technologies lab at the GE Global Research Center in
Niskayuna, New York. He's involved with various projects ranging from the development of application frameworks to the use
of natural language processing techniques. He's the coauthor of Java Internationalization (O'Reilly, 2001), and he regularly
provides expertise on how to properly internationalize software. David is also a speaker at national conferences such as
JavaOne.
4
Introduction
When I wrote my first book covering JavaServer Pages and Java Servlet technology, there was
a great deal of uncharted territory to cover. Today, much of what I wrote is not only outdated,
but completely obsolete. The technology has grown tremendously fast and, with it, a legion of
Java developers eager to stay on the cutting edge of Java development. Although this is
certainly a good thing, it does however create a problem. Quite often, in a rush to implement
the latest technology, little thought is given to good design and architecture.
This book attempts to provide a framework for developing quality software using JavaServer
Pages technology. Chapters 1 and 2 lay the groundwork for using JSP. Chapters 3 and 4
explore the separation of roles between page designer and Java developer using both
JavaBeans and custom tag extensions. Chapters 5, 6, 7, and 8 present several design patterns
for the presentation tier. These patterns are applied using JavaServer Pages and Java Servlets.
Chapters 9 and 10 walk through the basics of testing and deploying web applications using
open-source tools. The book concludes with the development of an application framework
along with a complete reference implementation in Chapters 11 and 12.
I hope you enjoy this book as much as I've enjoyed writing it!
5
Chapter 1: JSP Foundations
Overview
Developers have seen great improvements in server-side web development in the past few
years. We've gone from complex, non-scalable Common Gateway Interface (CGI) scripts to
some elegant enterprise-class solutions using technologies such as Active Server Pages
(ASP), Java Servlets, and JavaServer Pages (JSP). Unfortunately, with this explosion of new
technology come a lot of misguided efforts by well-intentioned developers.
It's easy to simply learn the skills you need to accomplish a specific task and then move on to
something else. When you revisit that same task, you may learn a little bit more to make
necessary modifications, but it's still not quite right. What eventually happens is that you end up
with a system of "patchwork" that needs to be supported and maintained. Wouldn't it be nice to
do things right up front and avoid creating this mess in the first place?
This book's purpose is to educate those of you who may have developed several JSP
applications but have never really thought about concepts such as role separation, frameworks,
and enterprise development patterns. Having developed several server-side Java applications
over the past few years, I'd like to share with you some of my ideas as well as some best
practices that I've arrived at while working alongside some of the best and brightest developers
around.
This chapter will lay down the basics of developing a web application using JSP. It'll explain the
fundamental concepts behind web development, J2EE (Java 2 Enterprise Edition) applications,
and simple JSP development. If you're already a JSP expert, then you may still want to skim
over the chapter. It'll include information helpful for setting up a particular JSP environment and
laying the groundwork for the book's examples.
Developing Web Applications
It may seem a bit trivial to discuss the elements of a basic web application in an advanced JSP
book, but I think it warrants attention when I see numerous people claiming to be web
developers who know nothing about HyperText Transfer Protocol (HTTP) or even web servers.
It reminds me of my client/server days, when I was surrounded by Visual Basic developers who
had no understanding of the Windows operating system. They were certainly capable of
producing a working application, but they could have done so much more had they understood
the basic foundation upon which they were developing.
Web developers, for the most part, tend to get caught up in their specific technology and then
do exactly what they need to do to get their programs to work. Quite often, there just isn't any
time to learn anything more about it. With aproper foundation, developers can make better
decisions before diving into development. So, let's start this book by reviewing HTTP and how
each component of a web application plays a part in the overall interaction with the user.
Understanding HTTP
HTTP defines the way in which web browsers interact with web servers. HTTP uses TCP/IP,
the network protocol of the Internet, to communicate standard messages between machines
across the Internet. By using standard protocols such as these, you're able to communicate
with any web server from a variety of different web browsers and expect similar behavior.
6
At the heart of HTTP lies a request message and a response message. This is the
fundamental way in which a web browser communicates with a web server (see Figure 1-1).
The user types in the location of a document in the URL box, the browser issues a standard
HTTP request for the document, and the document is located and returned to the browser as a
standard HTTP response.
Figure 1-1: Basic HTTP exchange
The HTTP request consists of a series of standard headers along with any parameters, or form
data, necessary to fulfill the request. The web server, for which the request is intended, is able
to read these headers and respond accordingly. There are two common types of HTTP
requests, GET and POST. A GET request will append form data to the requested URL and send it
as one packet. A POST request will first send a packet containing header information and then
send a separate packet containing the form data. A common question I'm asked is, "Which
type of request should I use in certain situations?" A good rule of thumb is that you should use
POST requests to modify a resource on the server and GET requests to simply retrieve information
from the server. You may find that this doesn't always apply in every situation, though.
The HTTP response consists of standard response headers such as content-type and content-
length, along with an HTTP version number and an HTTP status code. In addition to the
header, chunks of data are sent immediately following the response message. The browser
uses the response headers to determine the best way to render the data and then displays it
accordingly. Most of the time, the response consists of HTML content, along with a few images.
Sometimes, however, the content-type may be something like application/pdf, which is known
as a MIME type. The browser will match this against its own list of MIME types and determine
which helper application to load. In this case, the Adobe Acrobat Reader would render the
response data.
Table 1-1 shows the log file of an HTTP tracer program that tracks every HTTP message sent
between your browser and the Internet. You can see how the POST request issues two separate
messages. What you can't see in this particular log is that the second message contains all of
the form data (notice the size of the message). The response that is generated contains a
header of HTTP/1.1 200. The first part (HTTP/1.1) is the version number. The last part is the
status code (200, which means OK). This also contains any response headers such as
content-type and content-length (not shown in this log). The remaining lines show how the
browser receives the response data. The browser will take this data, along with its content-type
and content-length, and render it appropriately for the user to view.
Table 1-1: Example of a Single POST Request and Subsequent Response
TYPE ID1 ID2 BYTES RESPONSE TIME DATA
SEND 735 1 741 0.000 POST
/marketplace/default.html
SEND 735 2 1489 2.799 POST
/marketplace/default.html
RECEIVE 735 3 172 2.720 HTTP/1.1 200
7
Table 1-1: Example of a Single POST Request and Subsequent Response
TYPE ID1 ID2 BYTES RESPONSE TIME DATA
RECEIVE 735 4 2048 0.005 2048 bytes
RECEIVE 735 5 7680 0.035 7680 bytes
RECEIVE 735 6 512 0.002 512 bytes
RECEIVE 735 7 2560 0.019 2560 bytes
RECEIVE 735 8 63 0.018 63 bytes
Components of a Web Application
A typical web application involves a web server, an application server, and a database server.
Each of these servers listens to a specific TCP/IP port for incoming messages containing
requests to carry out. These listeners are sometimes called daemons. They're threads of
execution that wait for TCP/IP messages to appear for a specific port. For instance, the web
server will, by default, listen to requests addressed to port 80. Because web servers default to
this port, there's no need to specify it in the URL, it's just implied. If you were to request
http://www.apress.com, the request would be sent to port 80 of the machine on which the web
server is running. To specify a different port, let's say port 7100, you would add it to the URL
like this: http://www.apress.com:7100.
Ports provide an easy way in which a company can limit access to its network resources. A
network administrator can simply shut off outside access to all ports other than port 80. This
ensures that the only way someone will get in is through the web server. Application servers
listen on a port that is typically private to the outside world. The web server is configured to
forward specific requests to that particular port. Database servers operate in a similar fashion.
The database server may be listening on port 3306 for requests. The application server would
then establish a database connection with that port. Figure 1-2 shows this chaining of servers
through port mappings. It's important to note that each of these servers can be running on the
same machine or multiple ones. If they're running on separate machines, then you would need
to specify the machine name in front of the port name (machine_name:port).
Figure 1-2: Web application architecture
The typical flow of handling a request starts with the browser issuing arequest for a specific
resource. The web server picks up this request off of port 80 and determines that the
application server should handle the request. The application server receives the request and
executes some code to handle the request. Within the code, the database may be called by
8
making a connection to whatever port to which the database server is listening. Once a
response has been assembled, it's sent back to the browser from where it originated.
Developing J2EE Web Applications
You've seen how HTTP has made it possible for various web servers and web browsers to
communicate with each other regardless of the underlying technologies. In a similar fashion,
the J2EE specification has made it possible for applications to be deployed in a wide variety of
environments with little or no modifications necessary. An application server that is said to be
J2EE compliant can fulfill a "contract" between the application itself and the services the
application server provides. Popular J2EE-compliant application servers are BEA WebLogic
and IBM WebSphere. Some open-source options are Enhydra and JBoss.
The J2EE specification defines the use of several services with which a typical enterprise
application is concerned. These services include transaction management (JTA), naming
services (JNDI), messaging (JMS, JavaMail), distributed object handling (RMI-IIOP), and
database management (JDBC). In addition to these services, a J2EE-compliant application
server provides both a web container and an Enterprise JavaBean (EJB) container (see Figure
1-3).
Figure 1-3: J2EE architecture
Understanding Web Containers
A J2EE application server provides a standard container that can handle the execution of both
Java Servlets and JSP, along with any services that may be needed by these components.
This container is the web container because the components within it are responsible for page
navigation and presentation.
Java Servlets
A few years ago, there were not many options for delivering dynamic content through the Web.
Most people had to write Perl scripts to be used through CGI. Although this approach worked
reasonably well, it was not very scalable (a new process is required to service each request).
Sun introduced Java Servlets to provide a scalable solution that brought with it the many
advantages of the Java platform.
Servlets are nothing more than Java classes that implement the HttpServlet interface of the
Java Servlet API. This interface defines a set of lifecycle methods that can be overridden to
provide dynamic responses to HTTP requests. A J2EE-compliant application server provides
an environment for servlets to reside and handle incoming requests.
9
TEAM FLY PRESENTS
The web container can load and manage multiple servlets within the same Java Virtual
Machine (JVM). Once a servlet is loaded, it handles each incoming request by spawning a new
lightweight thread to perform its task. This enables the application server to service a great
number of requests without significant degradation of performance.
JavaServer Pages
The biggest problem with servlets was that they required the Java developer to assemble the
HTML-formatted output from within the Java code using a series of out.println() statements.
This not only created some ugly code, but it also made it difficult to create a decent user
interface. If you wanted to use a tool to visually design a page, you needed to copy the HTML
into your Java code and wrap the out.println() method calls around each line. In short, there
was no clear separation between the application code and the user interface. To change one,
you invariably changed the other.
JSP was introduced as a way to separate the content from the presentation of the content. A
JSP page is typically an HTML page with special tags for including Java code. The page
dynamically compiles into a servlet behind the scenes and executes as such. This makes it
possible to write pure HTML (and use HTML tools) without regard to the Java code in the page.
There are many ways to further separate content from presentation using both servlets and
JSP pages. Chapters 3 and 4 discuss these techniques in depth.
Understanding EJB Containers
In addition to a web container, J2EE-compliant application servers provide an EJB container.
The web container will typically communicate with the EJB container to access business logic
contained within one or more EJBs. It's often through EJBs that the web container accesses
enterprise resources such as databases, message queues, and distributed objects.
EJB containers provide an environment to host EJBs as well as a set of system-level services
such as transaction management and security. An EJB makes itself known to its container by
publishing a home and remote interface. It's through these interfaces that client objects
communicate with the EJB and invoke the business logic contained within them.
Structure of a J2EE Application
All J2EE-compliant applications must follow a specific deployment structure. This structure
helps to minimize the differences in deploying an application to different application servers (in
other words, WebLogic vs. WebSphere). The directory structure is as follows:
app-name (.html & .jsp files, along with any subdirectories required by html)
web-inf (web application deployment descriptor, web.xml)
classes (application classes, servlets)
lib (3rd-party jar files)
tlds (Tag library descriptors)
The web.xml file contains configuration information for the web container to use. For a complete
description of this file, see the Java Servlet specification at
http://java.sun.com/products/servlet/download.html.
10
TEAM FLY PRESENTS